Crypt-SaltedHash
lib/Crypt/SaltedHash.pm
Split Digest into 2 byte arrays, one for bytes 0 – 20 (pwhash), one for bytes 21 – 32 (salt)
Get the target string and salt as separate binary objects
Concatenate the 2 binary values
SHA hash the concatenation into targetPasswordHash
Compare targetPasswordHash with pwhash
Return corresponding Boolean value
Our job is to split the original digest up into 2 distinct byte arrays, one of the left 20 (0 - 20 including the null terminator) bytes and the other for the rest of the data. The left 0 – 20 bytes will represent the salted binary value we will use for a byte-by-byte data match against the new clear text presented for verification. The string presented for verification will have to be salted as well. The rest of the bytes (21 – 32) represent the random salt which when decoded will show the exact hex characters that make up the once randomly generated seed.
We are now ready to verify some data. Let's start with the 4 hashes presented earlier. We will run them through our code to extract the random salt and then using that verify the clear text string hashed by slappasswd. First, let's do a verification test with an erroneous password; this should fail the matching test:
{SSHA}72uhy5xc1AWOLwmNcXALHBSzp8xt4giL Test123
Hash extracted (in hex): ef6ba1cb9c5cd4058e2f098d71700b1c14b3a7cc
Salt extracted (in hex): 6de2088b
Hash length is: 20 Salt length is: 4